Tuesday, 30 December 2008

Although I tend to try and defend most of Microsoft's actions where warranted, I find myself leaning further and further toward recommending everyone ditch Microsoft related software and services, especially when they decide to start making extremely stupid decisions such as this.

Unless I've completely misunderstood, this patent essentially sees Microsoft wanting to CHARGE YOU for the privilege of using YOUR COMPUTER, as if the damn things don't cost enough already. Especially given you've already had to pay Microsoft for the damn operating system (unless you're using Linux, in which case this likely shouldn't matter to you).

I've not gone through the entire patent application yet, so do not know all of the details, but the details I do know scare me. We NEED to stop this. We need to send a message that makes it clear that they cannot be allowed to get away with actions such as this. How do we do this? I've no idea, but firing the patent office an e-mail would be a pretty damn good start.

December 29, 2008 (Computerworld) Microsoft Corp. last week applied for a patent that spells out a "pay as you go" concept under which users would be charged for both the software they run and the computing horsepower they use.

According to the patent application filed last week with the U.S. Patent and Trademark Office, the "Metered Pay-As-You-Go Computing Experience" scheme would meter software use and access to specific computer hardware. Fees would be charged against a prepaid or billed account.

The Internet needs to be globally regulated if it is to have any chance of stopping scams such as security 'scareware', a researcher has suggested.

According to Mary Landesman of ScanSafe, the recent Federal Trade Commission (FTC) injunctions against two companies accused of distributing fake anti-virus programs is a step in the right direction but against a backdrop of widespread abuse.

Friday, 26 December 2008

As a follow-up to my previous post, it looks like this site isn't allowing more than one connection from the same IP. Subsequent connections result in a fake 404 (fake because its response code is 200, yet the page returned is a 404). Unfortunately, this also means the vURL Online links will likely only show the 404s.

This one contains the script itself, but has the bulk of the code encoded and shoved in a div (HTML element). This has become quite popular with the bad guys, and is likely due to the misconception that it makes it harder to decode - it doesn't.
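A triage sketch for the two behaviours described above, added here as an example and not taken from the original post: it flags a "fake 404" (status 200 with a not-found body) and lists any div whose text is one long unbroken encoded run. The marker phrases, the 200-character threshold and the sample page are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Phrases that usually appear on an error page (assumed list, extend as needed).
NOT_FOUND_MARKERS = re.compile(r"\b404\b|not found", re.I)

def is_soft_404(status, body):
    """True when the server answers 200 but the page content is a 404."""
    return status == 200 and bool(NOT_FOUND_MARKERS.search(body[:2000]))

class DivText(HTMLParser):
    """Collect the text held directly inside each <div>, with the div's id."""
    def __init__(self):
        super().__init__()
        self.stack, self.found = [], []

    def handle_starttag(self, tag, attrs):
        if tag == "div":
            self.stack.append((dict(attrs).get("id", ""), []))

    def handle_data(self, data):
        if self.stack:
            self.stack[-1][1].append(data)

    def handle_endtag(self, tag):
        if tag == "div" and self.stack:
            div_id, parts = self.stack.pop()
            self.found.append((div_id, "".join(parts).strip()))

def suspicious_divs(html, min_run=200):
    """Return ids of divs containing an unbroken run of min_run+ characters.

    Ordinary prose is split by whitespace every few characters; an encoded
    payload parked in a div is not, so the longest token is a cheap signal.
    """
    parser = DivText()
    parser.feed(html)
    return [div_id for div_id, text in parser.found
            if text and max(len(tok) for tok in text.split()) >= min_run]

# Constructed sample page: one prose div, one div holding a percent-encoded run
# (the run decodes to the word "hello" repeated; it is harmless filler).
SAMPLE = (
    '<html><body><div id="intro">Welcome to our holiday offers page.</div>'
    '<div id="d1" style="display:none">' + "%68%65%6c%6c%6f" * 20 + "</div>"
    "<script>/* a loader that reads d1 would sit here */</script></body></html>"
)

if __name__ == "__main__":
    print(is_soft_404(200, "<h1>404 Not Found</h1>"), suspicious_divs(SAMPLE))
```

Any div this flags can be pulled out and decoded offline, which is why hiding the payload in markup does not slow analysis down.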

Thursday, 25 December 2008

Tuesday, 23 December 2008

This may sound a bit strange coming from the person that runs the hpHosts blacklist, but I've never been a fan of either government-controlled or ISP-controlled blacklists. Mainly because the user has no choice whether or not to follow such.

Yes we've got the IWF, and yes, I DO actually appreciate and support the work they do, but recent revelations have shown that even they aren't immune from stupid decisions that result in innocent sites being blacklisted, and I dare say, not even I am immune. Occasionally even I make a stupid mistake that results in an innocent site being blacklisted.

The difference is, with hpHosts, the user has a choice. They can just edit the file and disable the block, and/or get in touch with me and it'll usually be removed within 48 hours (depending on where I am at the time).

The government-controlled blacklist that is in force in Australia is absolutely useless, draconian and unworkable (and I dare say, is worse than the Chinese government filter). The only choice the user has here is to use a proxy system such as Tor to bypass the filter, which then leaves them with the decision of whether or not to break the law and risk being arrested.

Speaking of wilful acts of abject stupidity.

A six-month trial of Australia’s government-mandated Internet filters is to begin on Christmas Eve (while everyone’s attention is elsewhere?). And if you think this story is relevant only to Australia, think again.

If there’s one thing that assorted politicians, bureaucrats, dictators, warlords and mandarins from every corner of the planet have always lusted after, it’s the ability to control access to information. So if your locality isn’t already subject to a similar impost it soon could be.

Sunday, 21 December 2008

I recently had a run-in with Johns Creek Software, who via Sami (Web of Trust), informed me they were not best pleased (to put it politely) that their sites had been classified as fraudulent. The sites in question are;

Unfortunately, all efforts to prove otherwise had not gone so well. Johns Creek Software did not reference anything on their site, other than a claim of being a partner (something we all know is a very easy claim to make), and Symantec's partner website did not list them. So in a last-ditch effort, Sami fired off an e-mail to Symantec, as did I, and I followed up with several phone calls.

The last contact I had, was with Symantec's online chat, who advised that I give them a call instead. This did indeed go well - but also proved that someone in Symantec US is clearly not talking to the UK office.

The reason for this? I spoke to Ravi Boojary at Symantec (UK, +44 (0)20 7616 5813), and asked if Johns Creek Software were the registered partners that they claimed to be. His response was a resounding no, they weren't. Because of this, both myself and Sami responded to Johns Creek Software informing them of what Ravi had advised me. Little did I know, Sami was to receive a response 3 days later, from Lillibeth González (Symantec US), this time informing us that they ARE in fact Symantec partners.

I do not know why Ravi told me otherwise, perhaps he's not got access to the US records? In which case, he should've told me such, but either way, this does not bode well, and certainly does not look good. I do not like being made to look like a liar, which in this case, is exactly what Ravi has done, and is something I'll be taking up with him, especially as this got a little too close to a lawsuit for my liking.

So what's the moral of this story? Quite simple really - the security companies with offices in different countries need to get their damn stories straight, and need to start double-checking with each other when they get queries (if this means things take a little longer, then fine - as long as it'll allow prevention of confusion and in my case, extreme frustration).

I've seen more than my share of 419 scams over the years, some slightly convincing, most not convincing, and some looking more like a joke - but this is just laziness. The entire e-mail content is simply;

You are a winner of £516,778:00 of the U.K Gaming Board. Contact, Mr.clarkedavis email webdraws_150@hotmail.com pin code UKL/001/11234 and your reference number Ref:UK/9420X2/68,personal details

.. and received a little earlier;

GREETINGSI am ROBERT WILLIAM. , an attorney at law. A deceased client of mine, that shares the same last name as yours, who here in after shall be referred to as my client, died as the result of a heart-related condition on March 12th 2005. His heart condition was due to the death of all the members of his family in the tsunami disaster on the 26th December 2004 in Sumatra Indonesia. http://en.wikipedia.org/wiki/2004_Indian_Ocean_earthquake i want you to recieve money on my behalf I can be reached on (robertwiliams555@hotmail.com ) for details.

Now contrast this to one more I got yesterday, which itself didn't actually contain much actual content, but did come with a (strangely non-infected) .doc file (ATTACHED IS YOUR LOTTERY WINNING INFORMATIONS.doc), which showed a little more professionalism (albeit not much more);

The original .doc if anyone wants a copy, is available at (usual password):

In the last few months, we analyzed quite a few malware samples that are related to stealing of banking credentials. These keyloggers are used by attackers to harvest sensitive information like credit cards numbers, username/password combinations and similar data from an infected machine. We developed some techniques to automatically find the dropzones, i.e., the server that is used by the bad guys to send the stolen information to.

Wednesday, 17 December 2008

I don't watch a lot of TV lately as there's rarely anything on (other than Top Gear, snooker, and the comedy stuff on Dave), but I've just been watching James May's Top Toys on Dave, and he's brought back some fantastic memories, from my experiences with Scalextric to Meccano (and yep, I agree with him completely, the standards of this stuff have drastically gone downhill over the years).

My favourite part however, was when he got to the model trains. I absolutely loved these when I was younger, and still do today. Sadly, my collection of 00 Hornby trains, track etc, was nicked several years ago during a burglary (pity too, I not only had my own collection, but got my grandad's collection when he passed away in the late 80s). 30 trains, ranging from the Flying Scotsman to the Mallard to the 125 and 225, all gone, along with over 700 metres of track, hundreds of carriages and other rolling stock.

I've been dying to get the trainsets back ever since, and if it wasn't for the fact they cost a fortune, I would have. The older they are, the more they cost - and the brand new stuff is expensive as it is, with the cheapest one I've seen being £100+. What I did find rather funny (mainly because it's true) is that James mentioned the trains aren't played with by the younger folk anymore, but it's their dads and grandads that play with the trains. I've been asking myself why this is, and haven't come to a reason yet. Trains have always been fun to set up, play with and fix whenever they broke (indeed, I loved fixing the broken engines, track and such when they broke or got damaged).

I am slightly thankful that the trainsets got nicked (in a weird twisted sense of course as I wish to Christ I still had them), as if they hadn't, chances are I wouldn't be as much into computers as I am. Because my parents couldn't afford to replace them for me, I got into playing with the Commodore, and from that, into the Atari, and then onto the BBCs we had at school. The rest is history.

I am aware of the virtual trains, and found out about them a few years ago. Alas I've never been able to "get into them" as it were. They don't quite thrill me as much as the "real" Hornby stuff did.

If you are into trainsets yourself, get your kids into them too if they aren't already. Get them away from the PlayStations, Xboxes and the likes - there's nothing challenging about those. In fact, try getting them into the other older stuff too, such as Scalextric and Meccano (and not the newer versions of this stuff, but the originals), the amount of fun you can have playing with these is unbelievable (and will be something I'll be experiencing again myself as soon as I can afford the damn things).

Saturday, 13 December 2008

It's long been known that the EU, along with the idiots in charge of the UK, was a complete farce, and would only make things worse, and here we have yet more proof of such.

Actually, by framing the issue as a "moral case," Burnham gets to sidestep the entire issue of logic. Critics have already begun to charge that he is ignoring actual evidence and the well-regarded conclusions of the Gowers Report, not to mention previous government policy. But when the issue becomes a moral one and the livelihood of aging performers is at stake, it's suddenly easier to avoid cost/benefit analysis. Doing the right thing isn't always logical or economical.

The rather bitter irony here is that the move has been pushed largely by fabulously wealthy musicians and the music industry. In July 2007, when the government said that 50 years of copyright on songs was plenty of time to cash in, the head of the international music trade group IFPI warned, "Some of the greatest works of British music will soon be taken away from the artists who performed them and the companies that invested in them. Extending copyright term would promote vital investment in young talent and new music, all of which will help to secure the UK's future as an exciting music market."